Distributed Computing Program Hidden in Kazaa

The_THOMAS writes: "A federal securities filing Monday revealed that the hugely downloaded Kazaa P2P (file sharing) software contains a piggyback program which will create a second, new, network controlled by Brilliant Digital. They plan to awaken the software, already on millions of computers, within the next four weeks. The program will be used to host and distribute other companies' content and may be used for distributed computing. Read the details here."

Firestorm

[GrokSoup]

While ignorance is no excuse, that seems the only one given that Kazaa/Brilliant apparently tip users off to this crazy strategem in the user agreement. That said, I can't understand how this isn't a trojan -- installing an app with no explicit warning on a third-party computer? Shame, shame.

Re:Firestorm

[Melantha_Bacchae]

generic-man wrote:

> KaZaA is a program used exclusively to steal music, movies, and
> software.

I wouldn't know about that, having (thankfully) never used it. I get my mp3's off my extensive CD collection (Manilow, Mozart, Mothra, etc. -and that's just the M's ;).

> Windows XP is an operating system. It can be used for legitimate
> purposes.

Juno can be used for legitimate purposes. It started a distributed computing plan that required the user's computer to remain on at all times and connect to Juno regularly (at the user's expense if their access number was a toll number). That created a real storm of controversy.

Google can be used for legitimate purposes. Its toolbar is also a distributed computing application.

And please, do not think for a minute that Microsoft is far behind. Microsoft Research had a project called "Millenium" that called for distributed computing among other things. Millenium's marketing name appears to be ".Net". Ever heard of it?

If you have Windows XP, you have agreed to let Microsoft install any "upgrade" it wants to on your computer. That's all they need to sneak one of these applications on your computer and start harvesting CPU cycles, if they haven't already.

Ultimately, Millenium is to be a global super-cluster of all the Windows computers (if not all the computers period) in the world. Your data and applications will be stored where ever Millenium wants them to be stored (maybe even on one of your competitor's hard drives?!?). Both applications and multimedia content will run on a pay as you use basis (with digital rights management). The file system will be a universal data store based on SQL Server (say bye-bye to your favorite standard file formats). You will boot your new PC with the Millenium disk, and after a process similar to today's product activation, your computer will join (be assimilated by) the Millenium network. About the only thing different between .Net (the reality so far) and Millenium (the research project) is that Java (the Millenium Java VM was called "Borg") has been replaced by C#.

The above post is ***not*** an April Fools joke. It is based in part on documentation available on Microsoft's web site (http://www.research.microsoft.com/research/os/Mil lennium/mgoals.html and http://www.research.microsoft.com/research/sn/). The only "fool" is the person who sits by and lets Microsoft use this to gain control of the entire computing industry on this planet forever (or at least the thousand year kingdom that is what the word "Millenium" means).

What happens when you embrace and extend Godzilla? Nuclear heartburn!
See "Godzilla 2000" (released in Japan as "Godzilla 2000 Millenium") for details.

Wait a second...

According to their licensing agreement, they're allowed to use any extra storage space and/or cpu usage. What happens if you run out of space on your HD because of this and delete their files? Could they have the right to say that you aren't allowed to delete these files because it's their intellectual property?

Re:Sounds pretty neat

Umm, this is a P2P filesharing application.

If you're running it to let others use your bandwidth, then why are you running it?

Unless you're just a leech...

in the next four weeks? try the last four!

[Jukashi]

i beleive kazaa has been harvesting cpu cycles since the inception of thier latest version. any time i run kazaa it sucks up all my cpu. see for yourself : http://www.jukashi.com/kazaasucks.png

The USA PATRIOT Act to the Rescue!

[hillct]

A careful reading of the PATRIOT act, passed by congress established that any person who causes damage totaling $5,000 to any computer system or 'exceeding authority' granted on any computer involved in interstate commerce will be considered a terrorist, and be subject to a maximum of 10 years in prison for their first offense (20 for their second offense).

If this software utilized any cycles on my system, it will impact performance causing me expense which will rapidly increase to the $5000 threshold (a cumulative threshold). I granted no access nor privilage to use my systems, to any employee of Brilliant Digital Entertainment Inc. so as soon as any command is issued, affecting the behavior of any software installed on my computers, the employees and officers of Brilliant Digital Entertainment will imediately have become guilty of computer crimes under the Computer Fraud and Abuse Act as modified by the USA Patriot act.

--CTH

This is my personal reading of the existing legislation. I am not a lawyer, but this company will be guilty of multiple serious criminal offenses the moment they turn on their network.

Re:Its real, alright.

[delta407]

Well... no. KaZaA (or some other stupid capitalization) technically isn't using your CPU cycles... well, it is, but not for distributed computation. It's some other client, which (evidently) no one knew about. In any case, as far as I know, there was no such clause; no one knew about it. Plus, there need not be a clause, if the embedded program pops up a message box explaining what pushing "Yes" means. They don't need to include that in the license if you explicitly agree to it later.

What I find interesting is the fact that they could distribute some other program -- even if it is a "stub" program -- inside of something as widely used as KaZaA is kind of impressive. Surely, some one would have noticed... but if they did, they must have remained pretty quiet. Has anyone heard about this before Brilliant Digital said something?

Additionally, as a sidenote, giFT is pretty cool. Granted, the website does need some work, they actually have to release the new version (so you don't have to suck it out of CVS), and so forth. However, it's still pretty cool. Not the largest network, but if we were to get even 1% of Slashdot to join then OpenFT would be in excellent shape.

Wait, there's a good idea here...

[drudnick]

OK lots of people use these types of programs, so what if this was put in each one, then the distributed time sold to companies? The money could then go to the RIAA/MPAA. If every user of this software let it run 24/7, this might be a fair way of doing things.

Of course, this would have to be with the user's consent.

The fact is this software DOES cause damage to artists and the RIAA/MPAA. Maybe this would be a good way of offsetting the damage without paying a tax/tarriff/fee.

Re:Wait, there's a good idea here...

[gehrehmee]

Problems:

• It's used to distribute non-music, non-video files
• It's used to distribute music by artists not covered under RIAA members
• Many artists may actually want their music distributed on this network. (In which case, by the same argument that says consumers should pay for access to Kazaa, artists should pay to have their music on Kazaa. Hrm. Then where would we be? :) )

You forgot two things...

[ackthpt]

You left out 'IANAL' when it comes to interpreting the law -and- proof that that spare capacity has value upto or exceding $5,000 (which when you get down to it can be a bit tricky to really establish a value on)

As for without your opinion, how about looking over whatever license or installment agreement you just happened to click through quick just to get it up and running... Though they may not hold much water, it's another bit up the hill for you and your actual lawyer to run, when you go to prosecute.

Kazaa Lite

[Dwedit]

What does this mean for users of Kazaa Lite?

Re:Huh?

[Sancho]

Deserve to get screwed? Bullshit. EULAs are written by lawyers, for lawyers. Most people who run Kazaa wouldn't even understand that particular clause in the EULA if they'd even gotten to it with all the legalese in there.
Furthermore, contracts aren't legal if one or more of the parties did not fully understand the implications of the contract (read up on cases where people just signed on the X without reading the contract in full view of a notary public--in almost all cases the contract was declared null and void).
If EULAs are found to be legal contracts, this should apply, should it not?

spyware

[stud9920]

I think I have discovered yet another effect of cydoor. As you know, cydoor is installed with kazaa. Once some months ago, I noticed that IE6 and or OE6 crashed when I tried to use the keyboard under unknown conditions. I decided to reinstall windows XP without further looking. Some reinstalls later, I found what was responsible for the crashes : they occured ONLY when kazaa was running, and yet more often when kazaa was not running minimized. One month ago, I found a dummy dll to replace cydoor's cd_clint.dll but only returning dummy values, without spying on me. Since then, not once did IE6 or OE6 crash ever again. To me it is obvious that cydoor is trying to keylog on me, and gets blocked by either windoze XP, either by zonealarm. Do you have more info on the matter ? Isn't this perfectly illegal ? (I do netbanking from that computer). Hasn't the boss of cydoor been involved in creditcard fraud ?

criminal trespass

[maxpublic]

Given that no EULA has the force of contract law anywhere in the U.S., it's rather doubtful that it could be used as 'consent' for utilizing spare cycles in a legal fashion. The company is treading dangerous ground here and just begging to be bitch-slapped with a lawsuit.

While I doubt a serious argument could be made for damages, unless the EULA is upheld by some clueless court then using the spare cpu cycles of personal computers clearly constitutes criminal electronic trespass as outlined in the PATRIOT act. And, as we know, this automatically brands one as a terrorist.

I don't use Kazaa but I can't imagine that very many users will be happy to have their 'spare' cpu cycles appropriated for someone else's gain. Just another reason to dump this software in the electronic crapper.

Max

Some observations

[Rogerborg]

• Bermeister said the company had been testing the technology along with ad giants DoubleClick as a way to serve ordinary Web ads more quickly. Under this plan, an ad that a person sees on a Web site might be hosted by a nearby computer running Brilliant's Altnet instead of on a central ad server, as now typically happens with DoubleClick.

"Quickly" is mendatious. The majority of end users will have port 80 traffic cached by their ISP, and you can bet that cache will be juicy-full of DoubleClick stuff. My ISP routes all traffic via my local access point, even traffic to other people under that access point, and they run a cache at the access point. So even if I were to get ads from the guy next door, it would still be slower than getting them from the cache. All this would do would be to cut down DoubleClick's bills for uncached accesses, and (interestingly) stop me blocking DoubleClick using my hosts file. If this latter reason is actually material, then it's a sad indicator that the ad market has given up any pretence that ads are in any way connected to revenue. If I've gone out of my way to actively block your adverts, and you force them on me anyway, what exactly are your chances of gaining one red cent in revenue from me? Farcical.

• Bermeister said. "This will be an opt-in program..." [...] the software would show a pop-up box explaining the network's function and giving people a chance to turn it off

Hey, opt-in, opt-out, what's the difference, eh? To apply an equally muddled metaphor, they'll probably burn that bridge when they come to it.

• People who allow their computers to be used will be compensated somehow, possibly with gift certificates or free videos, the company's filing said.

Ah. Anybody with a typical residential DSL/cable connection should check their contracts. There will almost certainly be a clause in there that prohibits providing services to third parties, and especially selling services to third parties. Most ISP's have tolerated filesharing up to now because it's (generally) an active use thing. And CETI@home is low bandwidth, fully opt-in from the user side, and non-commercial. But this might be different. It's a commercial company using ISP bandwidth to make profit, and pass some of that (a very, very little) back to residential users, who have only agreed in general to provide services, not on an active case by case basis. This might be where ISP's start to draw the line.

Don't want to bitch at this but...

[tcc]

"we're sorry for the spyware"

they remove it

a month later

"We're sorry for the spyware"

they remove it

goto 10.

As much as I love the P2P concept, if these guys go out of buisness or get the crap sued from them, I just hope EFF won't protect them in the name of P2P, because these guys aren't the Good Guys(tm). They are opportunists that are hiding behind ignorants and people that want to defend P2P to play their dirty scheme instead of being just dead honest.

It doesn't kill a buisness to mention any spyware or whatever, if people skip the warning and download it, well now It's their problem, but running it and acting like if you were transparent is just plain unethical, they did it many times, it simply piss me off. That's why I am using winMX since the first time I saw Kazaa doing crap to their users. It's been at least reported 2 times here if not more.

Again, being honnest about it won't change much, it'll just remove a FEW users like me and most of slashdot readers that want their privacy. Most of the people won't give a damn, so why being so dishonnest!? it could just trigger lawsuits against them for absolutely no gain.

The proof to this? well look at how many times you saw kazaa and spyware, and look at their userbase still growing (which doesn't make sense but again, MOST people just don't care, they'd sell their souls for free stuff).